Novell Home

CVE-2013-2072

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-2072 at MITRE

Description

Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap.

NVD CVSS v2 Base Score: 7.4 (AV:A/AC:M/Au:S/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entries: 813673, 819416, 840592

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SLE 11 SP2 DEBUGINFO
  • xen-debuginfo >= 4.1.5_02-0.5.1
  • xen-debugsource >= 4.1.5_02-0.5.1
Builds
SAT Patch Nr: 7798
SUSE Linux Enterprise Software Development Kit 11 SP2
  • xen-devel >= 4.1.5_02-0.5.1
Builds
SAT Patch Nr: 7798
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
  • xen-kmp-default >= 4.1.5_02_3.0.74_0.6.10-0.5.1
  • xen-kmp-pae >= 4.1.5_02_3.0.74_0.6.10-0.5.1
  • xen-kmp-trace >= 4.1.5_02_3.0.74_0.6.10-0.5.1
  • xen-libs >= 4.1.5_02-0.5.1
  • xen-tools-domU >= 4.1.5_02-0.5.1
Builds
SAT Patch Nr: 7798
SUSE Linux Enterprise Server 11 SP2 for VMware
  • xen-kmp-trace >= 4.1.5_02_3.0.74_0.6.10-0.5.1
Builds
SAT Patch Nr: 7798
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
  • xen >= 4.1.5_02-0.5.1
  • xen-doc-html >= 4.1.5_02-0.5.1
  • xen-doc-pdf >= 4.1.5_02-0.5.1
  • xen-kmp-default >= 4.1.5_02_3.0.74_0.6.10-0.5.1
  • xen-kmp-trace >= 4.1.5_02_3.0.74_0.6.10-0.5.1
  • xen-libs >= 4.1.5_02-0.5.1
  • xen-libs-32bit >= 4.1.5_02-0.5.1
  • xen-tools >= 4.1.5_02-0.5.1
  • xen-tools-domU >= 4.1.5_02-0.5.1
Builds
SAT Patch Nr: 7798
SLE 11 SP1 DEBUGINFO
  • xen-debuginfo >= 4.0.3_21548_16-0.5.1
  • xen-debugsource >= 4.0.3_21548_16-0.5.1
Builds
SAT Patch Nr: 8963
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xen >= 4.0.3_21548_16-0.5.1
  • xen-doc-html >= 4.0.3_21548_16-0.5.1
  • xen-doc-pdf >= 4.0.3_21548_16-0.5.1
  • xen-kmp-default >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-kmp-pae >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-kmp-trace >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-libs >= 4.0.3_21548_16-0.5.1
  • xen-tools >= 4.0.3_21548_16-0.5.1
  • xen-tools-domU >= 4.0.3_21548_16-0.5.1
Builds
SAT Patch Nr: 8963
SUSE Linux Enterprise Server 11 SP1 LTSS
  • xen >= 4.0.3_21548_16-0.5.1
  • xen-doc-html >= 4.0.3_21548_16-0.5.1
  • xen-doc-pdf >= 4.0.3_21548_16-0.5.1
  • xen-kmp-default >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-kmp-trace >= 4.0.3_21548_16_2.6.32.59_0.9-0.5.1
  • xen-libs >= 4.0.3_21548_16-0.5.1
  • xen-tools >= 4.0.3_21548_16-0.5.1
  • xen-tools-domU >= 4.0.3_21548_16-0.5.1
Builds
SAT Patch Nr: 8963

List of products where fixes are in QA

© 2014 Novell